api-staging.xfinitymfa.com
Issued by Amazon
About this certificate
This digital certificate with serial number 06:0f:c4:8c:62:de:73:7b:4e:15:a5:dd:fa:55:90:55 was issued on by Amazon.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=api-staging.xfinitymfa.com
Amazon
Organization:
Amazon
Organization unit: Server CA 1B
Organization unit: Server CA 1B
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 06:0f:c4:8c:62:de:73:7b:4e:15:a5:dd:fa:55:90:55Serial Number (int): 8057238902411043217429057733588783189
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: 53:ea:79:54:a6:ed:b1:ef:47:5f:0d:cc:44:49:8f:05:0c:e4:22:ac
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0
Fingerprint (sha1): 71:5d:2d:43:24:28:0e:3b:d3:d5:89:24:2d:5a:da:63:68:4d:15:66
Fingerprint (sha256): da:59:8a:43:6d:a2:9d:53:f8:5c:6e:fb:ef:fe:cc:56:27:49:21:69:fc:5e:3a:75:24:61:0f:6b:66:ee:e4:18
Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt
Revocation information
OCSP Server: http://ocsp.sca1b.amazontrust.comCRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl
Check the revocation status for certificate api-staging.xfinitymfa.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for api-staging.xfinitymfa.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
api-staging.xfinitymfa.com
xfinitymfa.com
xfinitymfa.com
Other certificates including the domain name xfinitymfa.com
(limited to 100 certificates)
api-staging.xfinitymfa.com
*.xfinitymfa.com
api.xfinitymfa.com
api-dev.xfinitymfa.com
api.xfinitymfa.com
api-staging.xfinitymfa.com
api.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
*.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
api.xfinitymfa.com
api-staging.xfinitymfa.com
test.xfinitymfa.com
api-dev.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
api.xfinitymfa.com
api.xfinitymfa.com
api.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
*.xfinitymfa.com
api.xfinitymfa.com
api-dev.xfinitymfa.com
api.xfinitymfa.com
api-staging.xfinitymfa.com
api.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
*.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
api.xfinitymfa.com
api-staging.xfinitymfa.com
test.xfinitymfa.com
api-dev.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
api.xfinitymfa.com
api.xfinitymfa.com
api.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
Certificate
The complete raw certificate details for api-staging.xfinitymfa.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEmjCCA4KgAwIBAgIQBg/EjGLec3tOFaXd+lWQVTANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xODA1MzAwMDAwMDBaFw0xOTA2MzAx MjAwMDBaMCUxIzAhBgNVBAMTGmFwaS1zdGFnaW5nLnhmaW5pdHltZmEuY29tMIIB IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBQzStpHvwDxyf89iivAKIdU DFJ+Meq5ikWZykh7Zc9iH2LLtBgigcT6VkcLeURj+2q4XpOJR+2VIBkAYR0DZzhe 7iTTAOHJcfJC17Ev3K4Sg2DW8Jc6CIwlj1yIO4NAru/dU/3/aUlAX0+MV1YgrnwU LF6fcm6zXLHWOSMmbANDO63DJOM90x7zmaiO5G4n523nFClLWkUWV46qz1qwfQYq vIr3AdKAu48/x4gEQuBw8L79fKfcOCXT9w0ByI4Uor8ZwdMyJyp3QYVgRJhNGTl4 VInSURDPASVX64BkP0ohE/Dw3PGldaruPuJZrwpM5NPtIakrIBDjkmB53ffdSwID AQABo4IBozCCAZ8wHwYDVR0jBBgwFoAUWaRmBlKge5WSPKOUByeWdFv5PdAwHQYD VR0OBBYEFFPqeVSm7bHvR18NzERJjwUM5CKsMDUGA1UdEQQuMCyCGmFwaS1zdGFn aW5nLnhmaW5pdHltZmEuY29tgg54ZmluaXR5bWZhLmNvbTAOBgNVHQ8BAf8EBAMC BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAu oCyGKmh0dHA6Ly9jcmwuc2NhMWIuYW1hem9udHJ1c3QuY29tL3NjYTFiLmNybDAg BgNVHSAEGTAXMAsGCWCGSAGG/WwBAjAIBgZngQwBAgEwdQYIKwYBBQUHAQEEaTBn MC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5zY2ExYi5hbWF6b250cnVzdC5jb20w NgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQuc2NhMWIuYW1hem9udHJ1c3QuY29tL3Nj YTFiLmNydDAMBgNVHRMBAf8EAjAAMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqG SIb3DQEBCwUAA4IBAQA+tTUEJ8IgzlLJ31sYMWQcEZyalhJj6URmDIFrltiUlJrH KkdLHGQS5YtWrSaDzWKep9NGbNUaZBWVSHkP2I9vmxo4HF/lsoAvtvbhRkjZtYZT 1IFLTuRFxvTOAdLXpTJCZ6OAP5KMZMjFZ72mRyXyOZKqg6/7Qjl+aLusWTeRdzlC wHnO6DkdoRaTYTANHOl6BTj30y4AmHhbnrCQQf+b3wyFrckMnLcBWN4sszSSeXx9 5IGikRXk0SUM5GHF5wGd/mj4HU0W0l5qTi2kEbfgs5G1DPrKzd/wRIXbUK8sUfMn XmESHKWPn29Sqfw3e0+FQAdZy9hFb0oWeI/NkVfF -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBQzStpHvwDxyf89iivA KIdUDFJ+Meq5ikWZykh7Zc9iH2LLtBgigcT6VkcLeURj+2q4XpOJR+2VIBkAYR0D Zzhe7iTTAOHJcfJC17Ev3K4Sg2DW8Jc6CIwlj1yIO4NAru/dU/3/aUlAX0+MV1Yg rnwULF6fcm6zXLHWOSMmbANDO63DJOM90x7zmaiO5G4n523nFClLWkUWV46qz1qw fQYqvIr3AdKAu48/x4gEQuBw8L79fKfcOCXT9w0ByI4Uor8ZwdMyJyp3QYVgRJhN GTl4VInSURDPASVX64BkP0ohE/Dw3PGldaruPuJZrwpM5NPtIakrIBDjkmB53ffd SwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 8057238902411043217429057733588783189 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-05-30 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-06-30 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'api-staging.xfinitymfa.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24247715722706285313516063188689042261959097013213189939777510968932601390017422065774862657058539613698940881801066970903132297711539938739868672815761034538501638503823251214379664313348893197578360433671652719033266479688003364081299405306249415794197614750019787875709992130927459005816688003725079152451538071344547917936860614596365877217833404178000072417393974586644044243599855738145889505882563172963245604188188317273376679535734850245542483249960304581898667712570714325279792614857417479212411455291737832745646306770278391450976749243957060728693822928988632142828767082159265638075154900539097904307531 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 53ea7954a6edb1ef475f0dcc44498f050ce422ac . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api-staging.xfinitymfa.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'xfinitymfa.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003eb5350427c220ce52c9df5b1831641c119c9a961263e944660c816b96d894949ac72a474b1c6412e58b56ad2683cd629ea7d3466cd51a64159548790fd88f6f9b1a381c5fe5b2802fb6f6e14648d9b58653d4814b4ee445c6f4ce01d2d7a5324267a3803f928c64c8c567bda64725f23992aa83affb42397e68bbac593791773942c079cee8391da1169361300d1ce97a0538f7d32e0098785b9eb09041ff9bdf0c85adc90c9cb70158de2cb33492797c7de481a29115e4d1250ce461c5e7019dfe68f81d4d16d25e6a4e2da411b7e0b391b50cfacacddff04485db50af2c51f3275e61121ca58f9f6f52a9fc377b4f85400759cbd8456f4a16788fcd9157c5